Fall 2025 FreeBSD Vendor Summit Talk: FreeBSD/CHERI: Bringing Memory Safety to FreeBSD

Session: Friday, November 7, 1:30 pm-2:15 pm

Speaker:  Brooks Davis, Capabilities Limited

Abstract: CHERI is a portable, architectural security extension that
deterministically mitigates memory safety vulnerabilities in C and C++
code bases.  After more than a decade of development as an academic
research project at SRI and the University of Cambridge, we’re bringing
CHERI support to FreeBSD targeting the FreeBSD 16.  We’ll provide a
brief introduction to CHERI, demonstrate its functionality in CheriBSD,
and discuss our planned timeline.

Speaker Bio: Brooks Davis is a Principle Research Scientist at Capabilities Limited.
He holds a Bachelor’s Degree in Computer Science from Harvey Mudd
College (1998).  Since 2012 he has worked on the CHERI project and leads
the engineering effort for CheriBSD, a memory safe UNIX-like operating
system.  He has co-authored more than 15 papers on CHERI in contexts
including security, operating systems, programming languages, and
architecture.

Prior to joining Capabilities Limited in 2025, Brooks worked on
CHERI and CheriBSD at SRI International and before that worked on
high-performance computing and networking at The Aerospace Corporation.
Brooks Davis has been a member of the FreeBSD project since 2001 and
has served on the project’s elected core team.  He is also a Visiting
Industrial Fellow at the University of Cambridge Department of Computer
Science and Technology (Computer Laboratory).